File watch-and-fetch of Package confinedrv

Overview Repositories Revisions Requests Users Attributes Meta

File watch-and-fetch of Package confinedrv

#!/bin/bash

compare_version() {
  local leftaa leftbb rightaa rightbb;
  [[ -z "$1$2" || "$1" = "$2" ]] && return 0;
  leftaa="${1%%.*}"; leftbb="${2%%.*}";
  [[ "$leftaa$leftbb" =~ ^[0-9]*$ ]] || return 4;    # indicates an error as these are not numbers
  [[ leftaa -lt leftbb ]] && return 255;   # aa-token lower -> (-1)
  [[ leftaa -gt leftbb ]] && return 1;     # bb-token lower ->  +1
  rightaa="${1#*.}"; rightbb="${2#*.}";
  [[ "$rightaa" = "$1" && "$rightbb" = "$2" ]] && return 0;
  # [[ "$rightaa" = "$1" ]] && return 255;   # aa-token does not continue -> (-1)
  # [[ "$rightbb" = "$2" ]] && return 1;     # bb-token does not continue ->  +1   !! could be something like -rc1 - then it would be the other way round !!
  [[ "$rightaa" = "$1" ]] && rightaa="";
  [[ "$rightbb" = "$2" ]] && rightbb=""; # last *. was already consumed so that * is now the last token to be stripped  
  : ${rightaa:=0} ${rightbb:=0}
  compare_version "$rightaa" "$rightbb";
  return $?;
}

get_newest_version() {
  version=0; echo "*** looking for $1* ..." >&2
  let refreshed=1;
  while read checksum filename; do
    thisversion="${filename#$1}";
    compare_version $thisversion $version; res=$?;
    if [[ res -eq 1 ]]; then
      version="$thisversion"; sha512="$checksum";
    elif [[ res -eq 4 ]]; then
      echo "error in version comparison '$thisversion' -'$version'." >&2;
      exit 5;
    elif [[ res -eq 4 ]]; then
      echo "warning: two versions compare equal '$thisversion' -'$version'." >&2;
      exit 6;
    fi
  done < <( grep "^.\{128\} \+[.]\?[/]\?$1" SHA512SUMS.signed; )
  echo "newest version: $version" >&2;
  filepath="$1$version"; filename="$(basename "$filepath")";
  if [[ -e "$filename" ]]; then
    real_sha512="$(sha512sum ${filename})"; real_sha512="${real_sha512%% *}";
    if [[ "${sha512,,}" != "${real_sha512,,}" ]]; then 
      echo "file here but its sha512sum does not match (moving to $filename.quarantine)." >&2;
      mv "$filename" "$filename.quarantine";
      unset real_sha512;
    fi
  fi
  [[ -e "$filename" ]] || { wget "https://www.elstel.org/$filepath"; let refreshed=$?; }
  [[ -z "$real_sha512" ]] && { real_sha512="$(sha512sum ${filename})"; real_sha512="${real_sha512%% *}"; } 
  if [[ "${sha512,,}" = "${real_sha512,,}" ]]; then echo "sha512sum matches; good." >&2;
  else echo "error sha512sums do no match: $sha512 != $real_sha512" >&2; exit 44;
  fi
  echo "done asserting/fetching $filename" >&2;
  echo
  return $refreshed
}

if [[ "$1" = "--help" ]]; then
  echo "watch-and-fetch: get confinedrv-vNEWEST and confinedrv.8.gz-vNEWEST if newer version available upstreams."
  echo "watch-and-fetch --force:  force refreshing the checksum and download offer file software/SHA512SUMS.signed first."
  echo "watch-and-fetch --web: unconditionally download and gzip the current web presence for confinedrv."
  echo
  exit 0;

elif [[ "$1" = "--web" ]]; then
  [[ "$(basename "$(pwd)")" != "confinedrv" ]] && { echo "need to be in the confinedrv osc directory." >&2; exit 4; }
  rm -fr www.elstel.org
  wget -p https://www.elstel.org/qemu/index.html
  tar -czf "confinedrv-doc-$(date -Idate).tar.gz" www.elstel.org 
  exit $?;

if [[ "$1" = "--force" ]]; then
  rm -f SHA512SUMS.signed
  wget https://www.elstel.org/software/SHA512SUMS.signed

else
  cp SHA512SUMS.signed SHA512SUMS.signed.old
  wget -N --no-if-modified-since --unlink https://www.elstel.org/software/SHA512SUMS.signed
  # [[ -e SHA512SUMS.signed ]] || mv SHA512SUMS.signed.old SHA512SUMS.signed

[[ -n "$1" ]] && { echo "unknown command line parameter $1." >&2; exit 1; }

gpg --import estellnb.pubkey.asc
gpg --command-fd 0 --edit-key "A8FD357202530C63"  < <( echo trust; echo 4; echo save; )
gpg --verify SHA512SUMS.signed || { err "SHA512SUMS.signed nicht korrekt signiert, schluß."; exit 4; }
echo "Signatur scheint korrekt." >&2
#echo >&2

get_newest_version "qemu/confinedrv-v"; let fresh1=$?
get_newest_version "qemu/confinedrv.8.gz-v"; let fresh2=$?

[[ fresh1 -eq 0 || fresh2 -eq 0 ]] && exit 0;   # one of the files has been refreshed; consider package rebuild
exit 2;

Places

File watch-and-fetch of Package confinedrv

Places